Authenticated Proxy for accessing Tivo by web.

Chris Kloiber ckloiber at c...
Thu, 11 Oct 2001 19:10:56 -0400 (EDT)

Previous message: [ExtractStream] Re: Status of Windows tools ==> Linux Solutions
Next message: [ExtractStream] Re: Status of Windows tools ==> Linux Solutions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I set up a virtual host on my Linux box (Apache) which will authenticate
users and then proxy connections to/from my TiVo on my internal network.
I did this with the help of a guy I work with. Here's how it's done.

1) I added added a virtual host to my DNS (http://tivo.ckloiber.com, but
you can't hit it unless you work where I do.) to point to my linux server.

2) I edited the apache configuration file /etc/httpd/conf/httpd.conf and
uncommented the lines:

LoadModule proxy_module modules/libproxy.so

and

AddModule mod_proxy.c

Then I enabled and added a new VirtualHost section:

NameVirtualHost *

<VirtualHost *>
ServerAdmin ckloiber@c...
DocumentRoot /var/tivo.ckloiber.com/html
ServerName tivo.ckloiber.com
ErrorLog logs/tivo.ckloiber.com_error.log
CustomLog logs/tivo.ckloiber.com_access.log combined

<IfModule mod_proxy.c>
ProxyRequests On
<Directory proxy:*>
AllowOverride authconfig
Order deny,allow
AuthName "My TiVo"
AuthType Basic
AuthUserFile /etc/httpd/conf/proxytest
require valid-user
Deny from all
# Change this if you are not me :)
Allow from .mywork.com .ckloiber.com
</Directory>

# Enable/disable the handling of HTTP/1.1 "Via:" headers.
# ("Full" adds the server version; "Block" removes all outgoing Via:
# headers)
# Set to one of: Off | On | Full | Block

ProxyVia On
# This is the internal address of your TiVo can also use hostname
# if you have internal lan DNS working. This setup assumes I want
# http://tivo.ckloiber.com/ to go directly into the tivo. By changing
# both of the / to /path/ below I can have some content on the linux
# server, and the tivo off a subdirectory of the webserver.
ProxyPass / http://192.168.1.100/
ProxyPassReverse / http://192.168.1.100/

</IfModule>
</VirtualHost>

3) Save the file, and restart apache with 'service httpd restart'.

4) Create the proxytest file to enable only authorized users to connect to
the tivo:

# htpasswd -c /etc/httpd/conf/proxytest <username>

5) Connect to your TiVo using any web browser located in an authorized
domain. Everybody else gets a 403-Forbidden error from the apache
webserver, no unauthorized connections touch the TiVo (should hopefully
prevent DOS on the TiVo).

6) Enjoy!

--
Chris Kloiber, RHCE

Previous message: [ExtractStream] Re: Status of Windows tools ==> Linux Solutions
Next message: [ExtractStream] Re: Status of Windows tools ==> Linux Solutions
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]